terça-feira, 2 de fevereiro de 2016

HotSpot - captive portal android



All mobile OS just check a web page to decide whether they're behind a captive portal or not.
The mechanism is this:
  1. GET/POST http://foo.com/bar.html
  2. If bar.html == [expected content] > Open Internet
  3. If bar.html != [expected content] > Captive Portal
  4. If bar.html[status] != SUCCESS > No Network
Also, for iOS, you need to have a domain for your Wi-Fi network as it assumes a domainless network without access is a home network and just marks it as No Network instead of Captive Portal.
Just make sure to explicitly redirect the following urls to your captive portal with HTTP Success:
Android / Chromebook:
iOS 6:
  • gsp1.apple.com
  • *.akamaitechnologies.com
iOS 7:
  • www.appleiphonecell.com
  • www.airport.us
  • *.apple.com.edgekey.net
  • *.akamaiedge.net
  • *.akamaitechnologies.com
iOS 8/9:
Windows
  • ipv6.msftncsi.com
  • www.msftncsi.com
Amazon Kindle (Fire)
The Amazon Kindle (Fire) makes the following request, and if it cannot be retrieved "... it assumes that the user has to login and throws up a Log In screen.":
iOS 8.4
For the latest iOS I had to match all URIs for requests to http://captive.apple.com - not just "/hotspot-detect.html".
iOS 8.4 clients are making requests with randomly generated URIs (e.g. "/xmqPyZUv/3r8jTjv8.html" and "/7exN0TV7q0COX0/eKlBU8baU2tape/fjXUzDHBdE6W0O/BGbw7iYU2DVBh1/sVBlx8icYzTTtE.html") in URL requests to the following domains to detect a captive portal:


Many vendors have also began to use the User Agent "CaptiveNetworkSupport", though it's not as common as the URL method above. Just check for that UA and always give it your portal page...doesn't work 100% though.
I use the URL method and it's been working fine.

fonte:

http://www.magicbluesmoke.org/how-to-disable-googles-captive-portal-detection-and-why-doing-so-closes-a-small-privacy-hole/

https://android.stackexchange.com/questions/139588/captive-portal-detection-causing-phones-to-disconnect-from-wi-fi-in-intranet-env

Reações:

0 comentários: